Until recently, setting bad credentials when making a call to an
unauthenticated endpoint would result in a 200 (and the response
body).  However repeated calls with bad credentials would lock out the
account.  We recently started returning an error message indicating
the account was locked out.  Today we're fixing this the rest of the
way, and returning a 401 for any calls that have bad credentials
passed in.  If you start seeing increased 401s on unauthenticated
endpoints it's likely that your credentials have always been invalid,
we're just letting you know now.



Reply via email to